带有警告的 PHP/Javascript 会话超时

2022-01-20 00:00:00 session popup timeout php javascript

有谁知道我可以在哪里阅读教程,或者知道如何创建一个基于 Javascript 的会话超时,它内置了一个警告,以及可选的这些功能:

Does anyone know where I can read a tutorial on, or know how to create a Javascript-based session timeout that has a warning built in, and optionally these features:

  • 用户活动重置计时器
  • 与数据库交互(最后一次出现等)
  • 如果不活动,它将注销用户(通过重定向到 logout.php页)
  • 在注销用户之前,它会显示一条弹出消息,询问如果他们想继续

很遗憾,我对 Javascript 不太了解.

Unfortunately, I don't know too much about Javascript.

推荐答案

我不知道你的网站是怎么做的,但如果做得对,你应该有一个登录会话和某种拒绝的后端控制系统如果上一个操作是在 X 分钟/小时前进行的并且自动使用户过期的任何操作.如果你想实现一些客户端代码,你应该有一个javascript计时器,当过期时间即将结束时提醒用户,你也可以在过期时间到达后将用户重定向到主页或登录页面.这样,所有的安全功能都在后端,而 javascript 仅作为显示行为的显示措施.

I don't know how your website is done, but if done right, you should have a log in session and some sort of back end control system that denies any action if the previous action was made X minutes/hours ago and automatically expires the user. If you want to implement some client side code, you should have a javascript timer that alerts the user when expire time is about to be complete and you can also redirect the user to the homepage or log in page after the expire time is reached. This way all security features are on the back end and the javascript only works as a display measure for the display behavior.

更新:

setInterval(function(){alert("Hey, your session is ending")},360000);

setInterval(function(){
    redirect();
},720000);

function redirect(){
    document.location = "../logout.php"
}

更新2:

setInterval(function(){
    logout();
},600000);

function logout(){
    if(confirm('Logout?'))
        redirect();
    else
        alert('OK! keeping you logged in')
}

function redirect(){
    document.location = "../logout.php"
}

带有此代码的每个页面都会在 10 分钟后询问用户是否要退出.这意味着您的会话不能自行过期,您必须将控制权留给用户

Every page with this code will ask after 10 minutes if the user wants to logout. This means your session cannot expire by itself, you must leave the control to the user

相关文章